thank you.

  • Anon819450514@lemmy.ca
    link
    fedilink
    arrow-up
    140
    arrow-down
    1
    ·
    1 year ago

    Bitwarden. It’s free, open-srouce, you can even self-host your own instance… or pay 10$/year! for the full support. The free version has everything you will ever need.

    • Cralder@feddit.nu
      link
      fedilink
      arrow-up
      55
      arrow-down
      3
      ·
      1 year ago

      The price for the premium is fucking crazy. 10$ a fucking YEAR?? Not month but YEAR!? What features do you get? Actually I don’t care about the features just take my money that’s cheap as shit

      • ikiru@lemmy.ml
        link
        fedilink
        arrow-up
        54
        ·
        1 year ago

        I have premium and I have no idea. I just pay it to support them.

        It’s an excellent password manager. I love it!

      • sarjalim@lemm.ee
        link
        fedilink
        arrow-up
        16
        ·
        edit-2
        1 year ago

        I pay for Bitwarden premium and the big thing for me is the ability to use it for 2FA/TOTP right from the browser extension (for sites where I feel convenience mostly trumps hardened security). It’s glorious that Bitwarden autofills username and password, and then auto-copies the current 2FA code to your clipboard so you can just paste it immediately, instead of needing to pull up your phone and authenticator app to fetch a code, or check your email/texts for a code.

        • pjhenry1216@kbin.social
          link
          fedilink
          arrow-up
          8
          ·
          1 year ago

          Proton has a similar feature (not sure if it’s part of free or premium as I subscribed for proton ultimate so it just came with Proton Pass). It’s honestly crazy how nice having TOTP right in the extension for the account’s entry in the manager.

          Also, I realize this is like the third time I’ve made a comment about Proton, so I’m probably gonna stop before folks think I’m like a shill or something.

        • Anon819450514@lemmy.ca
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Oh fuck yeah, I forgot about this. No need to pull my cellphone anymore, all the 2FA gets automatically filled after entering password. That’s magic.

      • Amju Wolf@pawb.social
        link
        fedilink
        English
        arrow-up
        10
        ·
        edit-2
        1 year ago

        It’s insane to think that people think of that as cheap. It’s … adequate. Clearly enough to run a company that can support it and further develop it, all the infrastructure, etc. Somehow all other companies convinced us that it should be okay to pay $10 per month or more for the most basic of services, where until now their revenue per user was maybe $0.5/month for the biggest users (ad watchers).

        $10 per year is what the vast majority of subscriptions should cost - they’d still make plenty of money, but it’s just not enough for them when they know they can nickle and dime you for more.

      • kittykabal@kbin.social
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        the big feature i use from premium is the ability to use hardware 2fa. i use a Yubikey to secure it further. worth the peace of mind imo, and Bitwarden has never once failed me in the years i’ve been using it!

      • Anon819450514@lemmy.ca
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        1 year ago

        You can share passwords with other people, you get 1gb of attachments space disk (to store important documents, recovery keys, crypto wallet, etc), you have access to many reports that will tell you what password might have leaked, weak password and whatnot.

      • Nyanix@lemmy.ca
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        I know of MFA being allowed on it when you go premium, and I think it allows a collection, so you can have a shared collection of passwords with someone else. It’s been really handy for my wife and I, especially for things like bank and apartment logins.

  • adhdplantdev@lemm.ee
    link
    fedilink
    arrow-up
    64
    arrow-down
    1
    ·
    1 year ago

    The Firefox password manager can be secured with a master password that encrypts everything in your browser password store. Believe it’s pretty secure if you set this password otherwise it’s almost akin to having passwords stored in plain text.

    +1 for bitwarden

    • artaxthehappyhorse@lemmy.ml
      link
      fedilink
      arrow-up
      25
      arrow-down
      2
      ·
      edit-2
      1 year ago

      It’s encrypted over Firefox Sync though, regardless of if you set a master password.

      The master password is only needed if you don’t have complete physical security (or your machine is hacked)

      Curious if OP was more interested in how secure the Sync feature is vs the manager itself. Sync requires trusting that Mozilla aren’t the bad guys.

  • 𝒍𝒆𝒎𝒂𝒏𝒏@lemmy.one
    link
    fedilink
    arrow-up
    41
    ·
    1 year ago

    IMO yes. It’s stored encrypted on their sync service, and you can additionally encrypt it locally too by setting a master password in FF settings.

    Didn’t notice any mention that you can actually self host Firefox’s browser sync service yourself. Personally haven’t tried, but IIRC there’s setup docs on Mozilla’s github

  • callyral@kbin.social
    link
    fedilink
    arrow-up
    20
    arrow-down
    1
    ·
    1 year ago

    I personally switched from it to Keepass, it is cross-platform, open-source and pretty secure. It doesn’t come with cloud support, but I guess you could just put the file in some sort of cloud storage you trust. It also supports one-time authentication codes!

    • joby@programming.dev
      link
      fedilink
      arrow-up
      11
      ·
      1 year ago

      I’ve been using keepass for years. I use syncthing to keep the copy of the db on my phone and laptop and backup synced.

    • 1984@lemmy.today
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      1 year ago

      The big downside of this is when you need to log in to some web site when being away from your computer.

      Then you have to transfer your entire database to some other computer and make sure it’s deleted afterwards in a secure way. Much more risky than using Bitwarden I believe.

      I guess you can skip the deletion part if you trust there is no way to decrypt the db file in the future.

  • merrick@normalcity.life
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    1
    ·
    1 year ago

    I don’t recommend using any browser’s in built manager. Look into Bitwarden or KeePassXC.

  • nicman24@kbin.social
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    Mozilla is one of the like companies (thought the foundation is non profit) that I would trust my encrypted data with

  • 520@kbin.social
    link
    fedilink
    arrow-up
    10
    arrow-down
    1
    ·
    1 year ago

    Keepass has what you’re looking for. Free, totally cross platform, no cloud unless you wanna put the database file on cloud storage, and can be very secure.

      • 520@kbin.social
        link
        fedilink
        arrow-up
        1
        arrow-down
        3
        ·
        1 year ago

        Context: KeepassXC is the Linux/macOS port of Keepass. Although it is handled by a different team, it isn’t significantly different from the Windows app.

        • ebits21@lemmy.ca
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          This is just bad information.

          It’s also on windows and yes it has more features like totp compared to keepass. It’s much more actively developed and has been audited.

          • 520@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            It’s also on windows and yes it has more features like totp compared to keepass.

            Technically true, but the main focus is being on more platforms than just Windows. From their site:

            Why KeePassXC instead of KeePass?

            KeePass is a very proven and feature-rich password manager and there is nothing fundamentally wrong with it. However, it is written in C# and therefore requires Microsoft’s .NET platform. On systems other than Windows, you can run KeePass using the Mono runtime libraries, but you won’t get the native look and feel which you are used to.

            KeePassXC, on the other hand, is developed in C++ and runs natively on Linux, macOS and Windows giving you the best-possible platform integration.

            Also, vanilla Keepass has totp.